Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/D3D1604C2B6711EC8CD1C61FC4F9AE02.roa
File: D3D1604C2B6711EC8CD1C61FC4F9AE02.roa (raw, json)
Hash identifier: K+U5H/gEB39S0MtkniCqyAbmgU8k6WO9RKiUyR91DCc=
Subject key identifier: E0:AA:E7:5B:87:54:86:3D:14:D4:AF:0A:87:26:B6:45:37:AB:2C:3A
Certificate issuer: /CN=A917AFE7/serialNumber=DCC07A9D8FFE378DDDAF3CD0E41A9EF6FDD3148F
Certificate serial: 0483
Authority key identifier: DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/D3D1604C2B6711EC8CD1C61FC4F9AE02.roa
Signing time: Tue 14 Jan 2025 23:42:53 +0000
ROA not before: Tue 14 Jan 2025 23:42:53 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 139814
IP address blocks: 103.145.164.0/23 maxlen: 23
103.145.164.0/24 maxlen: 24
103.145.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1155 (0x483)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917AFE7
Validity
Not Before: Jan 14 23:42:53 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6786f67d-b372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:45:1a:4f:0e:a9:5b:fc:c3:d3:06:39:1a:79:
db:c1:a4:1d:71:b3:29:e3:95:17:2d:fd:bb:e5:05:
fa:50:05:f4:e1:c5:af:d2:16:0e:cc:60:e5:73:6b:
60:72:66:a7:f3:55:db:f0:93:f6:48:68:64:84:97:
e1:10:82:8e:e2:06:be:64:7b:bc:04:63:19:77:de:
25:cc:5a:42:37:9e:72:b7:64:4a:f1:c5:4b:a6:2b:
a1:b2:b3:7d:4d:75:52:38:40:67:3d:f7:ca:8f:41:
fc:7c:5b:ce:40:31:40:60:b5:a4:51:a5:25:9a:9c:
a2:d3:ab:ae:2c:a9:f0:79:c0:21:73:df:cb:08:4f:
7c:b2:64:fc:0e:b8:d1:4f:f0:57:08:c9:f4:b9:80:
08:04:b2:db:f1:a8:f8:2e:c6:e5:52:30:3e:5a:af:
f6:f5:5e:d9:c9:5f:fc:2c:89:5e:3e:3d:3d:38:89:
0a:b8:3d:1e:04:74:81:4b:4d:72:05:6d:ea:90:d0:
c9:e1:15:39:49:30:c2:34:e1:da:63:01:df:34:1f:
bb:27:17:20:13:52:20:b4:6a:fe:53:9b:98:52:11:
6c:06:66:6b:5b:7a:33:b7:5e:3f:03:ae:0b:bf:3b:
c8:2e:22:97:03:a5:53:c7:c1:99:df:58:d5:5a:d8:
88:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:AA:E7:5B:87:54:86:3D:14:D4:AF:0A:87:26:B6:45:37:AB:2C:3A
X509v3 Authority Key Identifier:
keyid:DC:C0:7A:9D:8F:FE:37:8D:DD:AF:3C:D0:E4:1A:9E:F6:FD:D3:14:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/3MB6nY_-N43drzzQ5Bqe9v3TFI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3MB6nY_-N43drzzQ5Bqe9v3TFI8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AFE7/F8B65374291211EC8631B854C4F9AE02/D3D1604C2B6711EC8CD1C61FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.164.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:76:e0:fa:02:08:f0:a1:cf:22:75:6c:80:78:67:d0:ca:be:
91:82:24:ef:44:13:5a:90:bd:c6:dc:04:31:e7:5b:85:b5:3e:
df:11:9f:5c:42:97:0c:fe:db:e4:78:60:87:42:53:0a:a4:d1:
7d:0a:d4:bd:da:c8:db:45:0c:ef:c5:c6:21:e4:c0:cc:db:9d:
16:d8:39:32:e0:f3:87:ff:94:25:71:33:70:26:a2:c0:4a:97:
05:98:3c:12:b6:22:47:af:52:e6:e9:cc:6b:90:0c:71:c0:42:
29:28:65:3a:a9:9b:17:8e:5b:88:5c:93:de:c7:6e:d2:1a:72:
e9:a5:a8:21:b4:92:af:5a:7d:8c:b2:45:9a:c7:16:1d:4b:c4:
ae:aa:bd:d2:89:48:ff:3b:50:5d:c9:17:d9:af:5f:37:81:d0:
20:af:e7:b7:7b:67:9a:41:99:77:8b:0d:da:a7:7f:8f:ea:bf:
63:a0:65:e2:cc:92:81:ad:69:a4:c5:13:63:22:96:b8:29:30:
fd:4b:02:54:6e:34:d5:55:72:b2:07:3e:18:3f:59:76:5a:4d:
1b:d9:74:2c:c6:b5:e8:ee:b8:2b:e2:51:a8:95:f2:4c:be:0b:
b7:3a:98:bd:f9:78:f9:48:28:8f:45:5b:f3:6b:9f:ad:6f:6e:
49:aa:04:ea
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0FGRTcxMTAvBgNVBAUTKERDQzA3QTlEOEZGRTM3OEREREFGM0NEMEU0MUE5RUY2
RkREMzE0OEYwHhcNMjUwMTE0MjM0MjUzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2ZjY3ZC1iMzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzUUaTw6pW/zD0wY5GnnbwaQdcbMp45UXLf275QX6UAX04cWv0hYOzGDlc2tg
cman81Xb8JP2SGhkhJfhEIKO4ga+ZHu8BGMZd94lzFpCN55yt2RK8cVLpiuhsrN9
TXVSOEBnPffKj0H8fFvOQDFAYLWkUaUlmpyi06uuLKnwecAhc9/LCE98smT8DrjR
T/BXCMn0uYAIBLLb8aj4LsblUjA+Wq/29V7ZyV/8LIlePj09OIkKuD0eBHSBS01y
BW3qkNDJ4RU5STDCNOHaYwHfNB+7JxcgE1IgtGr+U5uYUhFsBmZrW3ozt14/A64L
vzvILiKXA6VTx8GZ31jVWtiIsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOCq51uH
VIY9FNSvCocmtkU3qyw6MB8GA1UdIwQYMBaAFNzAep2P/jeN3a880OQanvb90xSP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUZFNy9GOEI2NTM3NDI5
MTIxMUVDODYzMUI4NTRDNEY5QUUwMi8zTUI2bllfLU40M2RyenpRNUJxZTl2M1RG
STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNNQjZuWV8tTjQzZHJ6elE1QnFlOXYzVEZJOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0FGRTcvRjhCNjUzNzQyOTEyMTFFQzg2MzFCODU0QzRGOUFFMDIvRDNEMTYwNEMy
QjY3MTFFQzhDRDFDNjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkaQwDQYJKoZIhvcNAQELBQADggEBALt24PoCCPChzyJ1
bIB4Z9DKvpGCJO9EE1qQvcbcBDHnW4W1Pt8Rn1xClwz+2+R4YIdCUwqk0X0K1L3a
yNtFDO/FxiHkwMzbnRbYOTLg84f/lCVxM3AmosBKlwWYPBK2IkevUubpzGuQDHHA
QikoZTqpmxeOW4hck97HbtIacumlqCG0kq9afYyyRZrHFh1LxK6qvdKJSP87UF3J
F9mvXzeB0CCv57d7Z5pBmXeLDdqnf4/qv2OgZeLMkoGtaaTFE2MilrgpMP1LAlRu
NNVVcrIHPhg/WXZaTRvZdCzGtejuuCviUaiV8ky+C7c6mL35ePlIKI9FW/Nrn61v
bkmqBOo=
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:01:34 2025 by rpki-client